My name is Daniel Hertzberg, CCIE #37401. I blog about all things Network!

Connectivity from Remote sites back to a Data center via MPLS

I wanted to blog a bit about MPLS connectivity. I have been studying a ton of this lately for the lab. I blogged a few months ago about VRF connectivity through EIGRP, and that was fairly straightforward. The nice thing about MPLS is being able to send routes from each site back to each remote site or even to a data center. This quick lab will have 2 remote sites which will send their prefixes through an MPLS VPN back to a data center to provide connectivity.

Here is our logical topology.

Here is what everything looks like with our MPLS routers and each subnet/prefix of each remote site.

If this looks familiar to anyone, this is part of INE’s topology.

The first thing we want to do is establish connectivity through our VRFs, handed out from our
PE to CE routers. For example, R6, R1 and R5 are all PE routers. They will each need an interface
in a VRF handed out to its respective CE router. That VRF will participate in BGP on both
ends, the CE side and the PE side.

There's plenty of config here. First, CEF has to be turned on. mpls ip in global
configuration has to be turned on in order to turn on MPLS.

MPLS has to be turned on as well for each interface we want to send LDP/MPLS packets out of.
Since I have the 155.1.146.0/24 and 155.1.45.0/24 networks, and each BGP router needs
connectivity to the others' loopbacks to peer with, I had to run an IGP between them. EIGRP is
quick and simple.

The first section of config is to set up a BGP session for each router, i.e.

What this does is activate each neighbor for MP-BGP. Next, it sends the VRF RT plus
prefix across to each router within the MPLS cloud. For example, going to R6, another PE
router, we can see we are learning a prefix for 192.168.3.0/24 from R1.
We are passing the extended community string of the RT 1:1 and an MPLS label.

This is extremely flexible, as we do not have to have the same VRF on each and every router.
This topology is small. In a cloud full of 10, 20 or 30-plus routers, not having to span the
same VRF everywhere is huge.

Now, going to our data center side, we should see a 192.168.4.0/24 network again.
Data Center as it is…

And we see this prefix being advertised from R5 as if it were directly peered with it.

Now for the final part of this configuration: handing out a default route to each site and
having each one of our prefixes handed out to the data center. I do not want each site to see
the other sites' prefixes, only a default route to their respective PE routers. This
configuration will be applied on the PE side, of course.

I have all my routes; they are being sent from the MPLS cloud by the data center's PE router. Now the odd part here is the origin of the prefixes: 1 1 i. This is due to the as-override feature, as remote site 1 and remote site 2 are seen as coming from AS1 and not AS100. Another way to get around this would be to use a different AS# per site or use some sort of local-as trickery.
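
Why the path shows up as 1 1, as an added example that is not part of the original lab: a small Python model of BGP AS_PATH handling on the PE-CE session, with and without as-override. AS1 and AS100 come from the post; the function names and the per-site AS numbers 65001/65002 are made up for illustration.

```python
# Added example (not the lab's config): models eBGP AS_PATH loop prevention
# between PE and CE routers, and what as-override changes.
PROVIDER_AS = 1      # MPLS core AS, from the post
CUSTOMER_AS = 100    # AS shared by the customer sites, from the post


def ce_advertise(ce_as):
    """A CE originates a prefix and prepends its own AS toward its PE."""
    return (ce_as,)


def pe_advertise(as_path, pe_as, neighbor_as, as_override=False):
    """Egress PE sends a VPN route to a CE neighbor over eBGP.

    With as-override, every occurrence of the neighbor's AS in the path is
    replaced by the PE's AS before the PE prepends its own AS.
    """
    if as_override:
        as_path = tuple(pe_as if asn == neighbor_as else asn for asn in as_path)
    return (pe_as,) + tuple(as_path)


def ce_accepts(as_path, local_as):
    """eBGP loop prevention: drop an update that already contains our AS."""
    return local_as not in as_path


def deliver(origin_as, dest_as, as_override):
    """Carry a prefix from one site's CE across the core to another CE."""
    path = ce_advertise(origin_as)
    # VPNv4 iBGP between the PEs leaves AS_PATH unchanged.
    path = pe_advertise(path, PROVIDER_AS, dest_as, as_override)
    return path, ce_accepts(path, dest_as)


if __name__ == "__main__":
    cases = [
        ("same AS, no as-override", CUSTOMER_AS, CUSTOMER_AS, False),
        ("same AS, as-override", CUSTOMER_AS, CUSTOMER_AS, True),
        ("different AS per site (constructed)", 65001, 65002, False),
    ]
    for label, origin, dest, override in cases:
        path, ok = deliver(origin, dest, override)
        shown = " ".join(map(str, path))
        print(f"{label:38} path: {shown:10} accepted: {ok}")
```

Without as-override the receiving CE sees its own AS 100 in the path and drops the route, which is why the rewritten path reads 1 1.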